* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
@ 2017-10-31 10:47 Carlos Santos
  2017-10-31 22:04 ` Peter Korsgaard
  0 siblings, 1 reply; 6+ messages in thread
From: Carlos Santos @ 2017-10-31 10:47 UTC (permalink / raw)
  To: buildroot

Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
the parent session via a crafted TIOCSTI ioctl call, which pushes
characters to the terminal's input buffer.

The new experimental "su --pty" feature has been implemented to fix this
issue. The feature is not enabled by default and the new command line
option --pty is necessary.

Add rfkill, a command for enabling and disabling wireless devices. This
implementation is based upon, and backward compatible with, the original
rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
standalone "rfkill" package.

Add uuidparse, a command to analyze and print information about UUIDs.

The "reset" script is not part of util-linux anymore. Add a legacy
config telling the user to use either BusyBox or the ncurses program.

Drop the ncursesw patch, already applied upstream. AUTORECONF is not
required anymore.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
---
Changes v1->v2:
- Rebased due to parallel modifications in Config.in.legacy and commit
  5868ab5f22300e920474005e3ae4f78e0b210473, which removed
  PKG_VERSION_MINOR.
---
 Config.in.legacy                                   |  8 +++
 ...upport-ncursesw-without-headers-in-ncurse.patch | 58 ----------------------
 package/util-linux/Config.in                       | 13 +++--
 package/util-linux/util-linux.hash                 |  4 +-
 package/util-linux/util-linux.mk                   | 15 +++---
 5 files changed, 25 insertions(+), 73 deletions(-)
 delete mode 100644 package/util-linux/0001-build-sys-support-ncursesw-without-headers-in-ncurse.patch

diff --git a/Config.in.legacy b/Config.in.legacy
index ea69f5a..c930083 100644
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -145,6 +145,14 @@ endif
 ###############################################################################
 comment "Legacy options removed in 2017.11"
 
+config BR2_PACKAGE_UTIL_LINUX_RESET
+	bool "util-linux reset option removed"
+	select BR2_LEGACY
+	help
+	  The util-linux package no longer offers a "reset" command. Use
+	  either the reset command provided by BusyBox or select ncurses
+	  programs, which will install a symlink from "tset" to reset.
+
 config BR2_PACKAGE_POLICYCOREUTILS_AUDIT2ALLOW
 	bool "policycoreutils audit2allow option removed"
 	select BR2_LEGACY
diff --git a/package/util-linux/0001-build-sys-support-ncursesw-without-headers-in-ncurse.patch b/package/util-linux/0001-build-sys-support-ncursesw-without-headers-in-ncurse.patch
deleted file mode 100644
index 062ac67..0000000
--- a/package/util-linux/0001-build-sys-support-ncursesw-without-headers-in-ncurse.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 87c26ce5b689abe1b52181f98ef3c9eb1b1a5165 Mon Sep 17 00:00:00 2001
-From: Karel Zak <kzak@redhat.com>
-Date: Tue, 1 Aug 2017 14:36:25 +0200
-Subject: [PATCH] build-sys: support ncursesw without headers in ncursesw/
- directory
-
-Let's check always for alone ncurses.h and term.h if the preferred
-variant with ncursesw/ subdirectory is not available.
-
-The patch also minimize number of HAVE_...NCURSES_H macros in
-config.h. We don't need to check for ncurses.h if ncurses/ncurses.h is
-available.
-
-Reported-by: Carlos Santos <casantos@datacom.ind.br>
-Signed-off-by: Karel Zak <kzak@redhat.com>
----
- configure.ac | 18 ++++++++++++++++--
- 1 file changed, 16 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index b204ec11e..592bd587e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -810,6 +810,13 @@ AS_IF([test "x$with_ncursesw" != xno], [
-   AS_IF([test "x$have_ncursesw" = xyes], [
-     AC_CHECK_HEADERS([ncursesw/ncurses.h], [have_ncursesw_header=yes])
-     AC_CHECK_HEADERS([ncursesw/term.h])
-+
-+    # Define HAVE_NCURSES_H only if check for HAVE_NCURSESW_NCURSES_H is
-+    # unsuccessful to avoid too many *_H permitations in config.h
-+    AS_IF([test "x$have_ncursesw_header" = xno], [
-+	   AC_CHECK_HEADERS([ncurses.h], [have_ncursesw_header=yes])
-+	   AC_CHECK_HEADERS([term.h])
-+    ])
-     AS_IF([test "x$have_ncursesw_header" = xno], [have_ncursesw=no])
-   ])
-   AS_IF([test "x$have_ncursesw" = xyes], [
-@@ -834,8 +841,15 @@ AS_CASE([$with_ncurses:$build_widechar],
- AS_IF([test "x$have_ncursesw" = xno -a "x$with_ncurses" != xno ], [
-   UL_NCURSES_CHECK([ncurses])
-   AS_IF([test "x$have_ncurses" = xyes], [
--    AC_CHECK_HEADERS([ncurses/ncurses.h ncurses.h], [have_ncurses_header=yes])
--    AC_CHECK_HEADERS([ncurses/term.h term.h])
-+    AC_CHECK_HEADERS([ncurses/ncurses.h], [have_ncurses_header=yes])
-+    AC_CHECK_HEADERS([ncurses/term.h])
-+
-+    # Define HAVE_NCURSES_H only if check for HAVE_NCURSES_NCURSES_H is
-+    # unsuccessful to avoid too many *_H permitations in config.h
-+    AS_IF([test "x$have_ncurses_header" = xno], [
-+	   AC_CHECK_HEADERS([ncurses.h], [have_ncurses_header=yes])
-+	   AC_CHECK_HEADERS([term.h])
-+    ])
-     AS_IF([test "x$have_ncurses_header" = xno], [have_ncurses=no])
-   ])
-   AS_IF([test "x$have_ncurses" = xyes], [
--- 
-2.13.5
-
diff --git a/package/util-linux/Config.in b/package/util-linux/Config.in
index 5a600c3..5f0a35c 100644
--- a/package/util-linux/Config.in
+++ b/package/util-linux/Config.in
@@ -59,7 +59,8 @@ config BR2_PACKAGE_UTIL_LINUX_BINARIES
 	  ldattach, look, lsblk, lscpu, lsipc, lslocks, lsns, mcookie,
 	  mkfs, mkswap, namei, prlimit, readprofile, renice, rev,
 	  rtcwake, script, scriptreplay, setarch, setsid, sfdisk,
-	  swaplabel, swapoff, swapon, uuidgen, whereis, wipefs
+	  swaplabel, swapoff, swapon, uuidgen, uuidparse, whereis,
+	  wipefs
 
 	  The setarch utility also installs architecture-specific
 	  symlinks like linux32, linux64, uname26, i386 and x86_64.
@@ -291,10 +292,14 @@ config BR2_PACKAGE_UTIL_LINUX_RENAME
 	help
 	  Rename files
 
-config BR2_PACKAGE_UTIL_LINUX_RESET
-	bool "reset"
+config BR2_PACKAGE_UTIL_LINUX_RFKILL
+	bool "rfkill"
+	depends on BR2_USE_MMU # libsmartcols
+	select BR2_PACKAGE_UTIL_LINUX_LIBSMARTCOLS
 	help
-	  Reset the terminal
+	  Tool for enabling and disabling wireless devices. This new
+	  implementation is based upon, and backward compatible with,
+	  the original rfkill from Johannes Berg and Marcel Holtmann.
 
 config BR2_PACKAGE_UTIL_LINUX_RUNUSER
 	bool "runuser"
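Review bot: The `runuser` entry at the end of this hunk keeps its existing help text even though, per the commit message, the CVE-2016-2779 mitigation in 2.31 is opt-in and does nothing for callers that do not pass `--pty`. A system that only picks up this bump still shares the caller's terminal with the less-privileged session, so the help for the affected options should say so, for example `The TIOCSTI mitigation for CVE-2016-2779 is only active when --pty is passed.` The message names `su --pty`; whether `runuser` accepts the same option in this release is not visible here and should be confirmed before wording the runuser help. The runuser entry's help body lies outside the hunk.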
diff --git a/package/util-linux/util-linux.hash b/package/util-linux/util-linux.hash
index 2711f51..2c01079 100644
--- a/package/util-linux/util-linux.hash
+++ b/package/util-linux/util-linux.hash
@@ -1,2 +1,2 @@
-# From https://www.kernel.org/pub/linux/utils/util-linux/v2.30/sha256sums.asc
-sha256 7b5be5489e9b5b7177832836467aba1c87bf0e9bcbcb5a6f35d76cd4782589dc  util-linux-2.30.2.tar.xz
+# From https://www.kernel.org/pub/linux/utils/util-linux/v2.31/sha256sums.asc
+sha256 f9be7cdcf4fc5c5064a226599acdda6bdf3d86c640152ba01ea642d91108dc8a  util-linux-2.31.tar.xz
diff --git a/package/util-linux/util-linux.mk b/package/util-linux/util-linux.mk
index 4b684b9..8464288 100644
--- a/package/util-linux/util-linux.mk
+++ b/package/util-linux/util-linux.mk
@@ -4,18 +4,15 @@
 #
 ################################################################################
 
-UTIL_LINUX_VERSION_MAJOR = 2.30
-UTIL_LINUX_VERSION = $(UTIL_LINUX_VERSION_MAJOR).2
+UTIL_LINUX_VERSION_MAJOR = 2.31
+UTIL_LINUX_VERSION = $(UTIL_LINUX_VERSION_MAJOR)
 UTIL_LINUX_SOURCE = util-linux-$(UTIL_LINUX_VERSION).tar.xz
 UTIL_LINUX_SITE = $(BR2_KERNEL_MIRROR)/linux/utils/util-linux/v$(UTIL_LINUX_VERSION_MAJOR)
 
-# 0001-Revert-build-sys-ncurses-headers-cleanup.patch
-UTIL_LINUX_AUTORECONF = YES
-
 # README.licensing claims that some files are GPL-2.0 only, but this is not true.
-# Some files are GPL-3.0+ but only in tests.
-UTIL_LINUX_LICENSE = GPL-2.0+, BSD-4-Clause, LGPL-2.1+ (libblkid, libfdisk, libmount), BSD-3-Clause (libuuid)
-UTIL_LINUX_LICENSE_FILES = README.licensing Documentation/licenses/COPYING.GPLv2 Documentation/licenses/COPYING.UCB Documentation/licenses/COPYING.LGPLv2.1 Documentation/licenses/COPYING.BSD-3
+# Some files are GPL-3.0+ but only in tests. rfkill uses an ISC-style license.
+UTIL_LINUX_LICENSE = GPL-2.0+, BSD-4-Clause, LGPL-2.1+ (libblkid, libfdisk, libmount), BSD-3-Clause (libuuid) ISC (rfkill)
+UTIL_LINUX_LICENSE_FILES = README.licensing Documentation/licenses/COPYING.GPLv2 Documentation/licenses/COPYING.UCB Documentation/licenses/COPYING.LGPLv2.1 Documentation/licenses/COPYING.BSD-3 sys-utils/rfkill.c
 UTIL_LINUX_INSTALL_STAGING = YES
 UTIL_LINUX_DEPENDENCIES = host-pkgconf $(TARGET_NLS_DEPENDENCIES)
 # uClibc needs NTP_LEGACY for sys/timex.h -> ntp_gettime() support
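Review bot: The new `UTIL_LINUX_LICENSE` value is missing a comma between `BSD-3-Clause (libuuid)` and `ISC (rfkill)`, so the two entries run together in what is otherwise a comma-separated license list. The tail of the line should read `BSD-3-Clause (libuuid), ISC (rfkill)`. The accompanying comment and the added `sys-utils/rfkill.c` entry in `UTIL_LINUX_LICENSE_FILES` are consistent with each other and need no change.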
@@ -134,7 +131,7 @@ UTIL_LINUX_CONF_OPTS += \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_PIVOT_ROOT),--enable-pivot_root,--disable-pivot_root) \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_RAW),--enable-raw,--disable-raw) \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_RENAME),--enable-rename,--disable-rename) \
-	$(if $(BR2_PACKAGE_UTIL_LINUX_RESET),--enable-reset,--disable-reset) \
+	$(if $(BR2_PACKAGE_UTIL_LINUX_RFKILL),--enable-rfkill,--disable-rfkill) \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_RUNUSER),--enable-runuser,--disable-runuser) \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_SCHEDUTILS),--enable-schedutils,--disable-schedutils) \
 	$(if $(BR2_PACKAGE_UTIL_LINUX_SETPRIV),--enable-setpriv,--disable-setpriv) \
-- 
2.7.5


* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
  2017-10-31 10:47 [Buildroot] [PATCH v2] util-linux: security bump to version 2.31 Carlos Santos
@ 2017-10-31 22:04 ` Peter Korsgaard
  2017-11-01  1:34   ` Carlos Santos
  0 siblings, 1 reply; 6+ messages in thread
From: Peter Korsgaard @ 2017-10-31 22:04 UTC (permalink / raw)
  To: buildroot

>>>>> "Carlos" == Carlos Santos <casantos@datacom.ind.br> writes:

 > Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
 > the parent session via a crafted TIOCSTI ioctl call, which pushes
 > characters to the terminal's input buffer.

 > The new experimental "su --pty" feature has been implemented to fix this
 > issue. The feature is not enabled by default and the new command line
 > option --pty is necessary.

 > Add rfkill, a command for enabling and disabling wireless devices. This
 > implementation is based upon, and backward compatible with, the original
 > rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
 > standalone "rfkill" package.

Do you know if there's any reason to prefer this version over our
existing rfkill package? The fact that it isn't available on nommu
probably means we cannot get rid of the separate package, but we may
want to add it to UTIL_LINUX_DEPENDENCIES so the util-linux version
"wins".

 > Add uuidparse, a command to analyze and print information about UUID's.

 > The "reset" script is not part of utill-linux anymore. Add a legacy
 > config telling the user to use either BusyBox or the ncurses program.

 > Drop the ncursesw patch, allready applied upstream. AUTORECONF is not
 > required anymore.

 > Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
 > ---
 > Changes v1->v2:
 > - Rebased due to parallel modifications in Config.in.legacy and commit
 >   5868ab5f22300e920474005e3ae4f78e0b210473, which removed
 >   PKG_VERSION_MINOR.

Sorry about that - Committed, thanks!

-- 
Bye, Peter Korsgaard


* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
  2017-10-31 22:04 ` Peter Korsgaard
@ 2017-11-01  1:34   ` Carlos Santos
  2017-11-02  9:00     ` Peter Korsgaard
  2017-11-04 21:13     ` Arnout Vandecappelle
  0 siblings, 2 replies; 6+ messages in thread
From: Carlos Santos @ 2017-11-01  1:34 UTC (permalink / raw)
  To: buildroot

> From: "Peter Korsgaard" <peter@korsgaard.com>
> To: "Carlos Santos" <casantos@datacom.ind.br>
> Cc: buildroot at buildroot.org
> Sent: Tuesday, October 31, 2017 8:04:33 PM
> Subject: Re: [PATCH v2] util-linux: security bump to version 2.31

>>>>>> "Carlos" == Carlos Santos <casantos@datacom.ind.br> writes:
> 
> > Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
> > the parent session via a crafted TIOCSTI ioctl call, which pushes
> > characters to the terminal's input buffer.
> 
> > The new experimental "su --pty" feature has been implemented to fix this
> > issue. The feature is not enabled by default and the new command line
> > option --pty is necessary.
> 
> > Add rfkill, a command for enabling and disabling wireless devices. This
> > implementation is based upon, and backward compatible with, the original
> > rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
> > standalone "rfkill" package.
> 
> Do you know if there's any reason to prefer this version over our
> existing rfkill package? The fact that it isn't available on nommu
> probably means we cannot get rid of the separate package, but we may
> want to add it to UTIL_LINUX_DEPENDENCIES so the util-linux version
> "wins".

I think this one is preferable because util-linux is actively maintained
while the original rfkill seems to be abandoned (the last commit in its
git repository is from Jan 8 2015).

How many nommu architectures does Buildroot support? The only boards I
found without BR2_USE_MMU were qemu_{arm_versatile,xtensa_lx60}_nommu,
which obviously do not even have RF radios to turn on/off.

-- 
Carlos Santos (Casantos) - DATACOM, P&D
“The greatest triumph that modern PR can offer is the transcendent
success of having your words and actions judged by your reputation,
rather than the other way about.” — Christopher Hitchens


* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
  2017-11-01  1:34   ` Carlos Santos
@ 2017-11-02  9:00     ` Peter Korsgaard
  2017-11-02 13:40       ` Carlos Santos
  2017-11-04 21:13     ` Arnout Vandecappelle
  1 sibling, 1 reply; 6+ messages in thread
From: Peter Korsgaard @ 2017-11-02  9:00 UTC (permalink / raw)
  To: buildroot

>>>>> "Carlos" == Carlos Santos <casantos@datacom.ind.br> writes:

Hi,

 >> Do you know if there's any reason to prefer this version over our
 >> existing rfkill package? The fact that it isn't available on nommu
 >> probably means we cannot get rid of the separate package, but we may
 >> want to add it to UTIL_LINUX_DEPENDENCIES so the util-linux version
 >> "wins".

 > I think this one is preferable because util-linux is actively maintained
 > while the original rfkill seems to be abandoned (the last commit in its
 > git repository is from Jan 8 2015).

Ok.

 > How many nommu architectures does Buildroot support? The only boards I
 > found without BR2_USE_MMU were qemu_{arm_versatile,xtensa_lx60}_nommu,
 > which obviously do not even have RF radios to turn on/off.

It is indeed probably a quite rare combination. Perhaps we should get
rid of the separate rfkill package then and add Config.in.legacy
handling for it selecting the util-linux option?

Volkov, you added the rfkill package. Any issues with moving to the
util-linux variant instead?

-- 
Bye, Peter Korsgaard


* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
  2017-11-02  9:00     ` Peter Korsgaard
@ 2017-11-02 13:40       ` Carlos Santos
  0 siblings, 0 replies; 6+ messages in thread
From: Carlos Santos @ 2017-11-02 13:40 UTC (permalink / raw)
  To: buildroot

> From: "Peter Korsgaard" <peter@korsgaard.com>
> To: "Carlos Santos" <casantos@datacom.ind.br>, sv99 at inbox.ru
> Cc: buildroot at buildroot.org
> Sent: Thursday, November 2, 2017 7:00:02 AM
> Subject: Re: [PATCH v2] util-linux: security bump to version 2.31

>>>>>> "Carlos" == Carlos Santos <casantos@datacom.ind.br> writes:
> 
> > How many nommu architectures does Buildroot support? The only boards I
> > found without BR2_USE_MMU were qemu_{arm_versatile,xtensa_lx60}_nommu,
> > which obviously do not even have RF radios to turn on/off.
> 
> It is indeed probably a quite rare combination. Perhaps we should get
> rid of the separate rfkill package then and add Config.in.legacy
> handling for it selecting the util-linux option?
> 
> Volkov, you added the rfkill package. Any issues with moving to the
> util-linux variant instead?

I already submitted a patch to remove the rfkill package:

    https://patchwork.ozlabs.org/patch/828969/

-- 
Carlos Santos (Casantos) - DATACOM, P&D
“The greatest triumph that modern PR can offer is the transcendent
success of having your words and actions judged by your reputation,
rather than the other way about.” — Christopher Hitchens


* [Buildroot] [PATCH v2] util-linux: security bump to version 2.31
  2017-11-01  1:34   ` Carlos Santos
  2017-11-02  9:00     ` Peter Korsgaard
@ 2017-11-04 21:13     ` Arnout Vandecappelle
  1 sibling, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2017-11-04 21:13 UTC (permalink / raw)
  To: buildroot



On 01-11-17 02:34, Carlos Santos wrote:
>> From: "Peter Korsgaard" <peter@korsgaard.com>
>> To: "Carlos Santos" <casantos@datacom.ind.br>
>> Cc: buildroot at buildroot.org
>> Sent: Tuesday, October 31, 2017 8:04:33 PM
>> Subject: Re: [PATCH v2] util-linux: security bump to version 2.31
> 
>>>>>>> "Carlos" == Carlos Santos <casantos@datacom.ind.br> writes:
>>
>>> Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
>>> the parent session via a crafted TIOCSTI ioctl call, which pushes
>>> characters to the terminal's input buffer.
>>
>>> The new experimental "su --pty" feature has been implemented to fix this
>>> issue. The feature is not enabled by default and the new command line
>>> option --pty is necessary.
>>
>>> Add rfkill, a command for enabling and disabling wireless devices. This
>>> implementation is based upon, and backward compatible with, the original
>>> rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
>>> standalone "rfkill" package.
>>
>> Do you know if there's any reason to prefer this version over our
>> existing rfkill package? The fact that it isn't available on nommu
>> probably means we cannot get rid of the separate package, but we may
>> want to add it to UTIL_LINUX_DEPENDENCIES so the util-linux version
>> "wins".
> 
> I think this one is preferable because util-linux is actively maintained
> while the original rfkill seems to be abandoned (the last commit in its
> git repository is from Jan 8 2015).
> 
> How many nommu architectures does Buildroot support? The only boards I
> found without BR2_USE_MMU were qemu_{arm_versatile,xtensa_lx60}_nommu,
> which obviously do not even have RF radios to turn on/off.

stm32f429_disco_defconfig and stm32f469_disco_defconfig are NOMMU. I don't think
these two have RF, but STM32L4 Discovery boards do have Wifi, Bluetooth, NFC and
900 MHz radio. Probably not supported by rfkill however :-)

 Anyway, if anybody needs it, the MMU requirement of libsmartcols could be
removed. It is only there for the pager functionality which is not used by
either libsmartcols or rfkill, but just happens to be linked into the .so file...

 Regards,
 Arnout


-- 
Arnout Vandecappelle                          arnout at mind be
Senior Embedded Software Architect            +32-16-286500
Essensium/Mind                                http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium           BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7493 020B C7E3 8618 8DEC 222C 82EB F404 F9AC 0DDF

